VPN blocks local network

[Guest]

Archived from groups: comp.dcom.vpn (More info?)

I have a vpn from my work computer to the main office down the street.
When i connect, i can no longer get to my local network.

How do i set it up so i have access to both networks (vpn and lcoal) at
the same time?

 

[Guest]

Archived from groups: comp.dcom.vpn (More info?)

wwwc21@gmail.com schrieb:

> I have a vpn from my work computer to the main office down the street.
> When i connect, i can no longer get to my local network.

This is by design!

>
> How do i set it up so i have access to both networks (vpn and lcoal) at
> the same time?

You should never have that.

Once your computer has an open VPN connection to your head office only
your computer should be visible from the head office and your head
office should only see your computer.

What You want is called "split tunneling" and is an absolute nono for
security reasons...


--
Martin Bodenstedt

www.landtag-bw.de / www.die-bodenstedts.de

 

[Guest]

Archived from groups: comp.dcom.vpn (More info?)

What if you have 2 network cards? Can you see two networks that way?

 

[Guest]

Archived from groups: comp.dcom.vpn (More info?)

Russell Zager schrieb:
> What if you have 2 network cards? Can you see two networks that way?

Not if the vpn is implemented correctly.

Remember:

the isolation of the pc against your own lan while the tunnel is up is
by design and a crucial security issue.

I as a network administrator have to make absolutely sure that a pc
connecting to my lan from the outside (via vpn) does not work as a
smokescreen for (potentially malicious) computers on that pc's lan and
the only way to achieve this is to modify the PC's routing table in such
a way as to make this pc an end node - no matter what else the pc is
connected to physically...


--
Martin Bodenstedt

www.landtag-bw.de / www.die-bodenstedts.de

 

[ceadmin]

I know you said this was done by design. But I am interested in how you would implement "split tunneling". I am interested in this for my own network both my remote vpn and local network are mine and don't really care about security in this instance.

 

[darkstar782]

Try using Hamachi as your VPN software and just run it on any computer that needs access to the VPN

Its just a little program that I use for playing games etc over the internet while avoiding systems such as Gamespy et. al.

www.hamachi.cc


You dont actually HAVE to run it on all the computers, you can simply run it on one computer on each network and 'bridge' the connections with windows, but thats more complex to set up

I apprecate the security risks for a corporate LAN, but I just use this to link my network and my best mates network for games so this really isnt an issue for me, and I dont really have anything on my PC that i care about loosing

 

[El0him]

split tunneling creates exceptions in the security architecture because not only are you susceptible... now you are exposing the remote site as well...

 

[ulis]

Hello,
i dont know if you still need help on your topic, but i can tell you for 100% sure that IT IS POSSIBLE to have VPN and still use LAN resources. Easiest solution is install second Net-adapter (Network card) in your pc and configure OS that one of Net-interface is used for LAN and 2nd for VPN. For more security you can variable with net-protocols for each of net-interface (example: VPN use TCP/IP, LAN use NetBeui). GL / HF

 

[folken]

You could setup a site to site instead of pc to site vpn. That would essensially merge your home and work networks. You could access both work and home computers simultaneously as if they were in the same location. The vpn would be made by your router, not your computer. This may require having the same vpn router at both sides which in some work environments is not possible.

 

[SmallOffice876]

Hello,
i dont know if you still need help on your topic, but i can tell you for 100% sure that IT IS POSSIBLE to have VPN and still use LAN resources. Easiest solution is install second Net-adapter (Network card) in your pc and configure OS that one of Net-interface is used for LAN and 2nd for VPN. For more security you can variable with net-protocols for each of net-interface (example: VPN use TCP/IP, LAN use NetBeui). GL / HF

Hi ulis.

I am interested in your set-up. Can you give us a little more details? How do you test file sharing over NetBeui? Do you need a special router?

Thanks

SO

 

[SmallOffice876]

Nevermind.

I found a solution.

Thx.

 

[bryanb]

Just wondering if anyone found a solution to this? If so, would you be able to post the solution or point me in the right direction?

I am having a similar issue whereby I have access to a VPN but lose connectivity locally when connected. I need to be able to keep access to the VPN as well as the LAN.

Any help is appreciated.

Thanks
Bryan

 

[eps492003]

Nevermind.

I found a solution.

Thx.

How about sharing?! you took the time to post that you found a solution, it would only be proper to share that as well.

Thanks

 

[mexvpn]

Mexvpn.com

We offer high quality dedicated US and UK IP VPN with 1 GB dedicated port speed on the servers and 128 Bit Encrypted Channel. It's the best solution if you travel too much or you access the internet from both home and work. You will have one IP that is dedicated to you everywhere you connect to internet. Home, Work, Another City or Even Another Country you will have the same IP and it will keep your security online. You can access your online accounts, do online bankings and everything you like without any worry.

Shared and Dedicated IP VPN - More than 20 servers access - Canada, United States, United Kingdom, Switzerland and Netherlands

Unlimited Bandwidth - Unlimited Switches - Stream Media and Watch Online TVs

- No Bandwidth Limitation
- 128 Bit Encrypted Channel
- Anonymous Internet Surfing
- Security for Hotspot Wireless Access Users
- No Extra software required
- 1 GB Private Port on All Servers
- Bypass ISP Blocking for VOIP Applications like Skype
- Security for Hotspot Wireless Access Users
- Dedicated, Dynamic & Shared IP Addresses
- Quality Network ensures your vpn service will be fast wherever you are in the world

http://www.mexvpn.com/

We accept Liberty Reserve payments!

 

[The_Prophecy]

This topic has been closed by The_Prophecy